Using SecurityImages framework in Your code

This page is dedicated to any 3rd party developer of Joomla! 1.5  which want to use SecurityImages component in their code.

Lets take the contact section of Joomla! 1.5 as  an example.

It is always recommended to use a switch in all your component to activate deactivate SecurityImages per components  through the administrator control panel.

This is done by adding to administrator/components/com_contact/contact_items.xml the following code: 

<param name="useSecurityImages" type="radio" default="1" label="Use SecurityImage Captcha" description="Enable Captcha verification">
            <option value="0">No</option>
            <option value="1">Yes</option>
</param>

Joomla will read this xml file on the fly  and build the graphical user interface for the contact settings.

contact.settings.securityimages.5.0

Since Joomla! 1.5 now use a Model View Controller paradigm, we have to alter the controller, and add a new Task displaySecurityImagesCaptcha()in  components/com_contact/controller.php:

   function displaySecurityImagesCaptcha() { 
        global $mainframe
       
        //Per contact you can define if the user has to resolve the capctha 
        $contactId = JRequest::getVar('contact_id', 0, '', 'int'); 
        // load the contact details 
        $model    = &$this->getModel('contact'); 
        $qOptions['id'] = $contactId
        $contact        = $model->getContact( $qOptions ); 
        $params = new JParameter( $contact->params ); 
         
        if ($params->get('useSecurityImages')) {     
            $check = null
            $mainframe->triggerEvent('onSecurityImagesDisplay', array($check)); 
            if (!$check) { 
                echo "<br/>Erreur affichage du Captcha<br/>"
            } 
        } 
             
    } 
As you can see, the event "onSecurityImagesDisplay" is triggered on a per contact name basis. That mean that some contact can have a Captcha while other have not. 

The next step is to add the task checkSecurityImagesCaptcha() checking the captcha in the components/com_contact/controller.php
function checkSecurityImagesCaptcha() { 
        global $mainframe
  
        $contactId = JRequest::getVar('id', 0, '', 'int'); 
        // load the contact details 
        $model    = &$this->getModel('contact'); 
        $qOptions['id'] = $contactId
        $contact        = $model->getContact( $qOptions ); 
        $params = new JParameter( $contact->params ); 
       
        //check if that user has a capctha 
        if (!$params->get('useSecurityImages')) {  
            return true
        } 
        $return = false
        $securityImagesJoomlaContactUserTry = JRequest::getVar('securityImagesJoomlaContactUserTry', false, '', 'CMD'); 
        $mainframe->triggerEvent('onSecurityImagesCheck', array($securityImagesJoomlaContactUserTry &$return));
        return $return;
    } 
One more step is to alter the original submit() method of the controller in components/com_contact/controller.php
        global $mainframe  

        if (!$this->checkSecurityImagesCaptcha()) {
            JError::raiseWarning("999","Invalid Captcha Code");
            $this->display();
            return false;
        } 
And finally altering the view /com_contact/views/contact/tmpl/default_form.php
to display the Captcha field

<?php if ($this->params->get('useSecurityImages')) { ?>             
<img src="/index.php?option=com_contact&task=displaySecurityImagesCaptcha&contact_id=<?php echo $this->contact->id; ?>"> 
<br /> 
<input type="text" name="securityImagesJoomlaContactUserTry" /> 
<br /> 
 <?php } ?>
As you see a lot of thing have been done, and I am still testing and improving the code.
Final Notes
  • Securityimages component can be put in debug mode or be deactivated site wide.
  • If is recommended to have a switch in your code to enable disable usage of securityimages in case the user hasn't installed it yet.

Have fun...